🔨 IP 请求头可配置.

.env.example

@@ -6,6 +6,7 @@ SPRING_PROFILES_ACTIVE=prod
 DEMO_MODE=false
 
 API_CORS=true
+API_IP_HEADERS=X-Forwarded-For,X-Real-IP
 API_EXPOSE_TOKEN=pmqeHOyZaumHm0Wt
 SECRET_KEY=uQeacXV8b3isvKLK
 

docker-compose.yaml

@@ -49,6 +49,7 @@ services:
       GUACD_DRIVE_PATH: ${GUACD_DRIVE_PATH:-/drive}
       SECRET_KEY: ${SECRET_KEY:-uQeacXV8b3isvKLK}
       API_EXPOSE_TOKEN: ${API_EXPOSE_TOKEN:-pmqeHOyZaumHm0Wt}
+      API_IP_HEADERS: ${API_IP_HEADERS:-X-Forwarded-For,X-Real-IP}
       API_CORS: ${API_CORS:-true}
       DEMO_MODE: ${DEMO_MODE:-false}
     volumes:

orion-visor-common/src/main/java/org/dromara/visor/common/configuration/CommonConfiguration.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2023 - present Dromara, All rights reserved.
+ *
+ *   https://visor.dromara.org
+ *   https://visor.dromara.org.cn
+ *   https://visor.orionsec.cn
+ *
+ * Members:
+ *   Jiahang Li - ljh1553488six@139.com - author
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.dromara.visor.common.configuration;
+
+import lombok.extern.slf4j.Slf4j;
+import org.dromara.visor.common.utils.IpUtils;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+
+import javax.annotation.PostConstruct;
+
+/**
+ * 公共配置类
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023/6/20 10:34
+ */
+@Slf4j
+@Configuration
+public class CommonConfiguration {
+
+    @Value("${orion.api.ip-headers}")
+    private String[] ipHeaders;
+
+    /**
+     * 设置 IP 请求头
+     */
+    @PostConstruct
+    public void setIpHeader() {
+        IpUtils.setIpHeader(ipHeaders);
+        log.info("IpUtils.setIpHeader {}", String.join(",", ipHeaders));
+    }
+
+}

orion-visor-common/src/main/java/org/dromara/visor/common/utils/IpUtils.java

@@ -24,7 +24,7 @@ package org.dromara.visor.common.utils;
 
 import cn.orionsec.kit.ext.location.Region;
 import cn.orionsec.kit.ext.location.region.LocationRegions;
-import cn.orionsec.kit.web.servlet.web.Servlets;
+import cn.orionsec.kit.lang.utils.net.IPs;
 import org.dromara.visor.common.constant.Const;
 
 import javax.servlet.http.HttpServletRequest;
@@ -40,6 +40,8 @@ import java.util.Map;
  */
 public class IpUtils {
 
+    private static String[] IP_HEADER = new String[]{"X-Forwarded-For", "X-Real-IP"};
+
     private static final Map<String, String> CACHE = new HashMap<>();
 
     private IpUtils() {
@@ -52,13 +54,17 @@ public class IpUtils {
      * @return addr
      */
     public static String getRemoteAddr(HttpServletRequest request) {
-        // 获取实际地址 X_REAL_IP 在多代理情况下会有问题
-        // String realIp = request.getHeader(StandardHttpHeader.X_REAL_IP);
-        // if (!Strings.isBlank(realIp)) {
-        //     return realIp;
-        // }
-        // 获取请求地址
-        return Servlets.getRemoteAddr(request);
+        if (request == null) {
+            return null;
+        } else {
+            for (String remoteAddrHeader : IP_HEADER) {
+                String addr = checkIpHeader(request.getHeader(remoteAddrHeader));
+                if (addr != null) {
+                    return addr;
+                }
+            }
+            return checkIpHeader(request.getRemoteAddr());
+        }
     }
 
     /**
@@ -112,4 +118,23 @@ public class IpUtils {
         return Const.CN_UNKNOWN;
     }
 
+    /**
+     * 检查 ip 请求头
+     *
+     * @param headerValue headerValue
+     * @return header
+     */
+    private static String checkIpHeader(String headerValue) {
+        if (headerValue == null) {
+            return null;
+        } else {
+            headerValue = headerValue.split(",")[0];
+            return IPs.checkIp(headerValue);
+        }
+    }
+
+    public static void setIpHeader(String[] ipHeader) {
+        IP_HEADER = ipHeader;
+    }
+
 }

orion-visor-launch/src/main/resources/application-prod.yaml

@@ -74,6 +74,9 @@ orion:
   api:
     # 是否允许跨域
     cors: ${API_CORS:true}
+    # 获取 IP 的请求头
+    ip-headers: ${API_IP_HEADERS:X-Forwarded-For,X-Real-IP}
+    # 对外服务
     expose:
       # 暴露接口请求头值
       token: ${API_EXPOSE_TOKEN:pmqeHOyZaumHm0Wt}

orion-visor-launch/src/main/resources/application.yaml

@@ -175,6 +175,8 @@ orion:
     prefix: ${orion.prefix}/api
     # 是否允许跨域
     cors: true
+    # 获取 IP 的请求头
+    ip-headers: X-Forwarded-For,X-Real-IP
     # 对外服务
     expose:
       # 暴露接口请求头

orion-visor-modules/orion-visor-module-monitor/orion-visor-module-monitor-service/src/main/java/org/dromara/visor/module/monitor/enums/AlarmEventSourceTypeEnum.java

@@ -41,11 +41,6 @@ public enum AlarmEventSourceTypeEnum {
      */
     HOST,
 
-    /**
-     * 拨测告警
-     */
-    UPTIME,
-
     ;
 
     public static AlarmEventSourceTypeEnum of(String value) {